package com.liupei.auth.service.impl;

import com.liupei.auth.entity.SysUserInfo;
import com.liupei.user.entity.SysUser;
import com.liupei.user.service.SysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

/**
 * @ClassNameUserDetailsServiceImpl
 * @Description
 * @Author liupei
 * @Emaile 3268727800@qq.com
 * @Date2021/3/12 17:24
 * @Version V1.0
 **/
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
    @Autowired
    private SysUserService sysUserService;
    @Autowired
    private ClientDetailsService clientDetailsService;

    @Autowired
    private StringRedisTemplate redisTemplate;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        //取出身份，如果身份为空说明没有认证
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        //没有认证统一采用httpbasic认证，httpbasic中存储了client_id和client_secret，开始认证client_id和client_secret
        if(authentication==null){
            ClientDetails clientDetails = clientDetailsService.loadClientByClientId(username);
            if(clientDetails!=null){
                //秘钥
                String clientSecret = clientDetails.getClientSecret();
                //静态方式
                return new User(username,new BCryptPasswordEncoder().encode(clientSecret), AuthorityUtils.commaSeparatedStringToAuthorityList(""));
                //数据库查找方式
                //return new User(username,clientSecret, AuthorityUtils.commaSeparatedStringToAuthorityList(""));
            }
        }

        if (StringUtils.isEmpty(username)) {
            return null;
        }

        //根据用户名查询用户信息
        SysUser sysUser = sysUserService.getUserByName(username);

        String pwd = new BCryptPasswordEncoder().encode(sysUser.getPassword());

        //根据用户类型去查询对应权限，如果是后台用户需要动态的去查询数据库权限。
        String permissions = "";
        try{
            //获取用户角色信息,这个后期要加字段
            String rolePerms = redisTemplate.opsForValue().get(sysUser.getUsername());
            //对应的角色列表
            permissions = rolePerms;
        }catch (Exception e){
            e.printStackTrace();
        }

        SysUserInfo userDetails = new SysUserInfo(username,pwd,AuthorityUtils.commaSeparatedStringToAuthorityList(permissions));
        return userDetails;

    }
}
